posted on Oct, 6 2006 @ 08:35 PM
I am a civilian, working for a US defense contractor. Our client, the US Air Force.
The purpose of passwords, if I am to believe the commercials I see on military tv, is to protect information. Don't write passwords down! Al Queda
will find them!
For my pay, I must log into a time site to log my hours. For corporate training, another webpage. And my 401k and other savings, another website.
At work, the local LAN needs a password. The SECRET newsgroup computer needs another password. The maintainence Air Force website needs a password.
The Air Force training I need to complete requires another password. The workstations I use to track satellites require a password. And the MDT that
transfers info to Cheyenne Mountain needs another password.
All of these systems have different requirements to update your password. Anywhere from one to six months. And you can't use words, you must use L33T
speak, usually only eight characters are allowed, and you can't use any of the previous passwords more than once.
So you must try to remember what combination you used, on what system, how long ago, because you only get three tries then you are locked out.
Which wouldn't be a big deal if you lived in Virginia, but if you live on the other side other planet, the SA's go home at 5 pm. You have to wake-up
at 3 am just to catch them before they go home for the day.
What does all of these security systems create? It makes people write down their passwords, just to keep up with all of the changes.
The very thing you are not supposed to do!
Data is becoming less secure because it is too difficult to make it secure!